package com.woniuxy.hospital.shiro;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

@Slf4j
@Configuration
public class ShiroConfig {
//    @Bean
//    public HashedCredentialsMatcher credentialsMatcher(){//配置加密
//        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
//        hashedCredentialsMatcher.setHashAlgorithmName("MD5");//加密方式
//        hashedCredentialsMatcher.setHashIterations(1024);//加密次数
//        return hashedCredentialsMatcher;
//    }

    @Bean
    public EhCacheManager ehCacheManager() {//配置缓存
        EhCacheManager ehCacheManager = new EhCacheManager();
        //ehCacheManager.setCacheManagerConfigFile("classpath:shiro-ehcache.xml");
        return ehCacheManager;
    }
    @Bean
    public DbRealm realm() {
        DbRealm realm=new DbRealm();
        //realm.setCredentialsMatcher(credentialsMatcher());//缓存
        realm.setCacheManager(ehCacheManager());//缓存
        return realm;
    }
    @Bean
    public Realm jwtRealm() {
        JwtRealm realm = new JwtRealm();
        return realm;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(){//使用ShiroFilterFactoryBean 要主动注入realm（）
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //多realm配置
        MultiRealmAuthenticator multiRealmAuthenticator = new MultiRealmAuthenticator();
        multiRealmAuthenticator.setRealms(Arrays.asList(realm(),jwtRealm()));
        securityManager.setAuthenticator(multiRealmAuthenticator);
        //设置授权组件//设置授权只找该realm（）//默认每个realm都会调用
        securityManager.setAuthorizer(realm());
        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }

    @Bean
    public PowerMapFactoryBean powerMapFactoryBean(){
        PowerMapFactoryBean powerMapFactoryBean = new PowerMapFactoryBean();
        return powerMapFactoryBean;
    }
    @Bean
    public DefaultWebSessionManager sessionManager(){
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        //去掉shiro登录是url里的JSESSIONID
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return  sessionManager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(){
        log.debug("shiroFilterFactoryBean");

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());//注入
        //未认证的情况下跳转的路径
        shiroFilterFactoryBean.setLoginUrl("/patient/login");
        //没权限的情况下跳转的路径
        shiroFilterFactoryBean.setUnauthorizedUrl("/patient/login");
        //异步数据交互过滤
        Map<String,Filter> filters = new HashMap<>();
        filters.put("myperms",new MyPermissionsAuthorizationFilter());//加入自己的过滤器
        filters.put("jwt",new JwtFilter());
        shiroFilterFactoryBean.setFilters(filters);

        try {
            shiroFilterFactoryBean.setFilterChainDefinitionMap(powerMapFactoryBean().getObject());
        } catch (Exception e) {
            e.printStackTrace();
        }

        return shiroFilterFactoryBean;

    }


}
